Customer Case Study


Intercom, the customer messaging platform launched its public bug bounty program in early 2016. The goal: to implement a secure development lifecycle and protect customer data. Intercom believes that the program is one of the best ways to address and stay on top of the latest cybersecurity challenges.

Intercom’s public bug bounty program will issue monetary rewards of up to $1,500 per vulnerability identified, depending on impact and severity. The scope includes anything that relates to Intercom’s main application functionality and their iOS and Android SDKs.

“Intercom’s business relies on customer trust. To keep this trust we need to use the best tools available to keep our customers’ data secure. Our private bug bounty program with Bugcrowd allowed us to tap into the creativity and abilities of hundreds of security researchers to find and report the most complex bugs – the ones vulnerability scanners just can’t uncover. Now we’re expanding our program for access to a bigger pool of researchers to improve our ability to find and fix vulnerabilities.” – Thibault Candebat, Information Security Manager, Intercom

Learn more about Intercom’s public bug bounty program.